Closed sherlock-admin closed 11 months ago
2 comment(s) were left on this issue during the judging contest.
0xpep7 commented:
dup and same author as 187
JP_Courses commented:
has 2 other duplicate findings for this one: 001/187.md and 001/188.md
jah
high
the function takeoverDebt doesn't properly update
Summary
the function takeoverdebt doesn't not properly update the liquidator balance ## Vulnerability Detail the function takeoverdebt is used to liquidate another borrower and transfer the position into the liquidator and when transferring the loan[] using _addKeysAndLoansInfo(newBorrowing.borrowedAmount > 0, borrowingKey, oldLoans); it is using the liquidated borrowingkey instead of the new one so the loan will will be updated into the previous one so when repaying using the repay function it might not use all the position
Impact
loss of fund
Code Snippet
Tool used
Manual Review
Recommendation
use newBorrowingKey
Duplicate of #53